The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups.
References
Configurations
History
12 Feb 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. | |
References |
|
02 Feb 2023, 20:20
Type | Values Removed | Values Added |
---|---|---|
Summary | It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash. | |
References |
|
Information
Published : 2015-03-30 14:59
Updated : 2023-12-10 11:31
NVD link : CVE-2015-1827
Mitre link : CVE-2015-1827
CVE.ORG link : CVE-2015-1827
JSON object : View
Products Affected
fedoraproject
- fedora
freeipa
- freeipa
CWE
CWE-19
Data Processing Errors